The HDF challenge server (an unpatched Windows 2003 server connected directly to the Internet without a firewall in-between) is still standing yet has no protection other than HDF - this despite extensive attempts by hackers to deface it.

HDF is a disruptive new technology that PROACTIVELY protects against malware infection and hacker attack - including zero day and targeted attack. HDF has already been shown to defeat STUXNET and all malware thown at it to date.

Looks like it's sponsored by Royal Holloway and Bedford New College in England.

The HDF challenge server (an unpatched Windows 2003 server connected directly to the Internet without a firewall in-between) is still standing yet has no protection other than HDF - this despite extensive attempts by hackers to deface it.

HDF is a disruptive new technology that PROACTIVELY protects against malware infection and hacker attack - including zero day and targeted attack. HDF has already been shown to defeat STUXNET and all malware thown at it to date.

Looks like it's sponsored by Royal Holloway and Bedford New College in England.

All i can find just information about it were can i get the exploit files so i can TEST THIS

I am not sure as of now, but I could research it.

The question at hand for this one I believe is more about how you are going to get around the Hard Disk Firewall that is set up, opposed to what you are infecting it with. I was messing around trying directory traversal attacks but no luck.You should find a way to infect the machine opposed to what with.

All i can find just information about it were can i get the exploit files so i can TEST THIS

Hmm considering you are the OP, this is the only reason I'm hesitating on my normal response to such a request. Care to explain why you feel like this might be successful? If you are simply just wanting a link to just plug and play then the answer will be no.

"The quieter you become, the more you are able to hear...""Drink all the booze, hack all the things."

The reason ive chosen Conficker after the research done by my self and other members help we had here i have identified a port for this TEST the reason ive chose Conficker Worm correct me if im wrong it was the most advice type of worm developed by Chinese man first reported in 2008 and a very advanced worm. most systems renaming unprotected to late 2009

Not sure if i right but should allow me to gain full access to the machine . Were we plan to leave a message on the index.html

Conflick is a windows server 2003 worm the OS were TESTING is an unpatched version of WINSER2003 so this is an ideal worm if it works.

If im wrong please correct me the conflicker worm runs from a host computer and gain access to others once it gives access to remote computer it will allow access to the remote files to be viewed and edited.

Idea is to create an admin account don't need to hide anything can let my Tutor see ive been the then after i planing to disable any java script the sever maybe running as the only source on the index is html and java that should then allow to edit the index.html .

If that wont work next plan would be good to access installed programs check the software that installed on server the tutor drop a hint in lesson the HDF is a piece of small software so checking installed programs to see if i can disable the the HDF

If not next plan was to access to running services and process to see if there any HDF running there see if i can disable it from there.

We Just need to Gain access and Edit the indexpage.html of the server BUT the HDF is guarding the file so we need to disable this first before the page can be edited.

The reason ive chosen Conficker after the research done by my self and other members help we had here i have identified a port for this TEST the reason ive chose Conficker Worm correct me if im wrong it was the most advice type of worm developed by Chinese man first reported in 2008 and a very advanced worm. most systems renaming unprotected to late 2009

Not sure if i right but should allow me to gain full access to the machine . Were we plan to leave a message on the index.html

Conflick is a windows server 2003 worm the OS were TESTING is an unpatched version of WINSER2003 so this is an ideal worm if it works.

If im wrong please correct me the conflicker worm runs from a host computer and gain access to others once it gives access to remote computer it will allow access to the remote files to be viewed and edited.

Idea is to create an admin account don't need to hide anything can let my Tutor see ive been the then after i planing to disable any java script the sever maybe running as the only source on the index is html and java that should then allow to edit the index.html .

If that wont work next plan would be good to access installed programs check the software that installed on server the tutor drop a hint in lesson the HDF is a piece of small software so checking installed programs to see if i can disable the the HDF

If not next plan was to access to running services and process to see if there any HDF running there see if i can disable it from there.

We Just need to Gain access and Edit the indexpage.html of the server BUT the HDF is guarding the file so we need to disable this first before the page can be edited.

Thanks Look forward to everyone help on this

There is no doubt that it would not infect the target machine, as I said before.This machine is actually open to over 200 attacks from Armitage alone.The thing is, it has a hard disk firewall that you need to look at getting around.Your goal here would be to get around the firewall opposed to what you are using, that worm is one of the hundreds of possible attacks.

This machine is sitting there open ports and only running that hard disk firewall.The firewall is very advanced, and blocks all attacks I have tried so far.

Find a way around it, then you are golden to any type of attack almost.

How do you plan on launching this attack against this machine may I ask?With the hard disk firewall there, I believe the only option is nearly social engineering unless the machine is located in your LAN.

I'm also taking part in the Sans Holiday challenge, although I'm a total hacking noob. And now that finals have ended I can finally start on it. I started with the heatmiser page, so far I have only made it to zone-2.

Read carefully here, they give you some hints to get started, "Unlike my brother, my fridged minions (without freakish hair) didn't mess up and leak our URLs to search engines or have to block them from the search engines. There is no vulnerability to get to the next zone and you will not find a vulnerability here. Move along."And"We had a security concern where the Zone 1 URL ended up in search engine results. We added a file to prevent the search engines from caching these pages. The system is now secure an no unauthorized users have access to the URL."

I don't know how many apache servers or webpages you've set up before, I've done a couple, but my hint is robots!Here's everything else I can tell I know. A scan has revealed the only open ports are 80 (http) and 443 (SSL), although I don't know how one might exploit SSL here or if it's even used. There is no database linked to the server, I've checked for all kinds, don't even bother. If you want to discuss the challenge further, I suggest starting a new thread, and please send me a pm!

Telemancer- this is my first post...maybe I'll make a sig in the future, lol

As for the SM, in order to get to Zone 1 you have to search through their twitter accounts (seems weird, but just look).

For the HM you will listen to previous advice and look at robots. To get to Zone 3 you will need to go to the twitters again. Zone 4 is more difficult and when you get there, if you can't figure it out, I can give some more hints.

The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.